package atom.core3.apache.http4.ssl;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;

import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.ssl.SSLContexts;

public class SSLConnectionSocketFactoryUtil {
	public static SSLConnectionSocketFactory getSSLConnectionSocketFactory() throws Exception
	{
		SSLContext sslcontext = SSLContexts.custom().build();

		return  new SSLConnectionSocketFactory(sslcontext, new NoopHostnameVerifier());
	}
	public static  SSLConnectionSocketFactory getSSLConnectionSocketFactory_Jdk7Cipher() throws Exception
	{
        String[] protocols = {"TLSv1", "TLSv1.1", "TLSv1.2"};
        String jdk7Cipher = "" +
                "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA," +
                "SSL_RSA_WITH_RC4_128_SHA," +
                "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA," +
                "TLS_ECDHE_RSA_WITH_RC4_128_SHA," +
                "TLS_ECDH_ECDSA_WITH_RC4_128_SHA," +
                "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA," +
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA," +
                "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA," +
                "TLS_ECDH_RSA_WITH_RC4_128_SHA," +
                "TLS_EMPTY_RENEGOTIATION_INFO_SCSV," +
                "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA," +
                "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA," +
                "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," +
                "TLS_RSA_WITH_AES_128_CBC_SHA," +
                "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA," +
                "SSL_RSA_WITH_RC4_128_MD5," +
                "SSL_RSA_WITH_3DES_EDE_CBC_SHA";

        SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
            //信任所有
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                return true;
            }
        }).build();
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, protocols, jdk7Cipher.split (","),
                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        
        return sslsf;
	}
}
